Next-gen anti-money laundering – robotics, semantic analysis
and AI

By David Stewart, Director, SAS Security Intelligence Practice

Anti-money laundering (AML) has been a hot topic – and an intensifying regulatory pain point – for financial institutions for decades. For example, the USA PATRIOT Act expanded requirements for detection and reporting. The New York 504 “Final Rule” added more granular and stringent control expectations. And the pending Fifth EU Anti-Money Laundering Directive (5AMLD), puts the onus on European enterprises to meet tougher US regulations.

Few financial institutions are truly ready. There’s a lot of talk about advancing the AML arsenal to the next level, drawing on advances such as robotics, semantic analysis and artificial intelligence (AI). It’s about making AML processes more automated, efficient and effective. And it’s about augmenting traditional rules-based approaches to drive down the rate of false positives and more accurately detect and predict activity worth investigating.

Much of the work in the last 18 months has been to apply AI to some low-hanging fruit, such as using robotic process automation to investigate and prepare cases more quickly. However, as of 2018, we’re starting to see adoption of machine learning not just for process automation, scoring and hibernation, but to supplement or even replace traditional Boolean logic for detecting potentially suspicious activity.

Free white paper

The pace of AML evolution varies across global regions − faster where regulatory oversight is more stringent, slower elsewhere. Learn about four advanced AML technologies and how they are being used today.

Innovate, but with caution. A December 2018 joint statement issued by US authorities called for financial institutions to “consider, evaluate, and where appropriate, responsibly implement innovative approaches” to meet AML compliance obligations. However, there’s a clear message to do this in an experimental sandbox or in parallel until new approaches are proven.

Establish rigorous model governance. Are the algorithms still working? Are cases being appropriately expedited or hibernated? Are models being monitored and tuned as necessary? Especially outside the US, there’s not enough emphasis on this tier of control. Often it’s only when a bank is in trouble and in the news that questions are raised about model risk governance.

Securely share data across borders. Before the industry can adopt machine learning in a meaningful way, we need to be able to securely share data across borders in a GDPR world. We need technologies such as homomorphic encryption (which enables computations to be performed on data without decrypting it) to evolve from the theoretical realm to the real world.

Consider a hybrid approach. Nobody is ready to abandon their rules-based systems and fully replace them with analytical models and robotics. We’re seeing a hybrid approach. Use rules where they do the job; use models where rules would fall short. Analytical models shine in situations that call for discerning complex patterns from well-defined behaviors.

Take a hard look at the data foundation. AI and machine learning can deliver a huge performance boost to AML processes. But there’s no point in using them on bad data, because you’re not going to get anything out of it. Even in large banks, data quality issues are endemic. Many still struggle with the basics of getting a single view of the customer from a risk perspective.

Take a more analytic approach to segmentation. Get more rigorous than simply dividing personal and commercial clients, or bucketing by transaction volume. K‑means clustering – a popular machine learning algorithm – groups entities based on interactions among variables. A forward-thinking SAS customer used smarter segmentation to boost productivity rates from 2.8% to 10.4%.

Zero in on what matters, defer what might matter later. Focus investigators’ time on the most worthy alerts. Auto-referral or hibernation functions use an AI engine to calculate a risk score based on multiple, complex risk variables and categories – then either expedite or hold off on escalating an alert for review.

Use machine learning to detect rare events. An unsupervised learning model can churn through huge volumes of data to find an unknown piece of risk that would be difficult to find using traditional methods. You don’t have to know if a given person or entity is good or bad, just which ones are “edge cases,” behaving out of the norm relative to their peers.

Embed best practices into reusable packages. As we learn from pilot projects, we have packaged up best practices into a bot that automates the creation, publishing and retraining of machine learning models. It preselects variables and recommends best-fit models based on sampling of rare events. The result: More meaningful analysis with less effort from data scientists.

Integrate financial crimes systems and processes. The future of AML will be converging AML, fraud, cybersecurity and other risk functions into a central, unified environment with integrated data orchestration, analytics development, decision making, case management, reporting and governance – and having a comprehensive and fully resolved workflow among them.

Next-generation AML is coming to the forefront as the industry goes through massive digital transformation and as regulators keep upping their definition of “reasonable” control and governance. Robotics, semantic analysis and artificial intelligence – particularly machine learning – will be central to this evolution.

As the technology advances, the barrier for entry has dropped to the point where it is within reach of smaller institutions. You don’t have to have an army of data scientists on staff. SAS is packaging advanced AML data science in a box to automate repetitive manual processes, more accurately detect suspicious activity, and cost-effectively put these capabilities in the hands of more financial services organizations.